Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/B1335F1AC56A11ED9C305A33C4F9AE02.roa
File: B1335F1AC56A11ED9C305A33C4F9AE02.roa (raw, json)
Hash identifier: xgbES0ex3GdKtSSPoPs5HQUTvXl7g1+/YUUyrUA3DJY=
Subject key identifier: 81:9F:40:CF:1B:5A:BB:49:C7:CA:A2:B5:F6:06:DB:FE:C2:58:26:A1
Certificate issuer: /CN=A911B310/serialNumber=E31667960480CF07E3C22D790DE4E201EF7040DB
Certificate serial: 0194
Authority key identifier: E3:16:67:96:04:80:CF:07:E3:C2:2D:79:0D:E4:E2:01:EF:70:40:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4xZnlgSAzwfjwi15DeTiAe9wQNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/B1335F1AC56A11ED9C305A33C4F9AE02.roa
Signing time: Wed 19 Mar 2025 02:48:34 +0000
ROA not before: Wed 19 Mar 2025 02:48:34 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 150774
IP address blocks: 103.84.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 17:23:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 404 (0x194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B310, serialNumber=E31667960480CF07E3C22D790DE4E201EF7040DB
Validity
Not Before: Mar 19 02:48:34 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67da3082-1df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:ba:4c:63:9b:7d:5e:67:f7:c5:f2:89:67:
c1:f5:20:72:4f:d5:38:19:a2:cd:3c:12:ae:e8:d4:
d4:29:ec:d2:0b:76:fc:d2:0f:c6:d6:9f:ba:91:19:
be:08:54:b8:cb:84:7e:77:aa:93:a6:48:51:47:3d:
ab:28:cb:41:09:8b:44:0e:24:84:9e:2c:47:56:5c:
59:2f:3f:c3:cd:4d:69:24:01:16:ce:24:43:3b:1d:
d1:23:9a:b5:48:75:58:da:d7:d1:81:0b:33:34:ee:
17:b7:53:b5:84:e8:cb:4f:3c:ed:1f:d4:fc:a6:bf:
c0:a7:9d:19:ea:de:f5:54:37:13:27:0e:7c:54:61:
cf:9f:30:38:8b:5f:7f:62:f4:55:03:fa:ed:9e:29:
b0:0c:6c:c7:c5:5d:b2:a4:8a:21:d5:7f:9d:13:4d:
47:e9:83:e3:80:67:61:bb:3d:e0:0c:fe:a4:e6:a5:
33:dc:44:b1:88:5c:cf:49:67:c5:77:03:35:20:0d:
96:16:49:0d:d2:d9:86:72:ba:ab:15:2a:ae:8f:a0:
9c:9a:d1:41:7c:30:40:aa:48:a0:66:a1:f2:99:6a:
08:9b:28:8a:5b:b6:5a:ca:4f:2c:42:a3:09:6d:02:
39:2b:a9:20:69:ef:e6:06:b4:9d:95:31:76:95:a0:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9F:40:CF:1B:5A:BB:49:C7:CA:A2:B5:F6:06:DB:FE:C2:58:26:A1
X509v3 Authority Key Identifier:
keyid:E3:16:67:96:04:80:CF:07:E3:C2:2D:79:0D:E4:E2:01:EF:70:40:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/4xZnlgSAzwfjwi15DeTiAe9wQNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4xZnlgSAzwfjwi15DeTiAe9wQNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/B1335F1AC56A11ED9C305A33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.59.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f7:f3:97:4a:32:4c:62:d9:88:a4:64:3c:70:d7:45:8b:7c:
08:53:e1:f1:46:fc:03:bc:ab:ec:df:60:7a:93:37:e4:fa:97:
8e:49:b1:ac:00:cd:eb:40:47:cb:3c:61:f6:cc:7b:6f:ea:26:
95:23:78:52:41:51:28:d3:1a:9a:ff:ed:43:1c:d0:9b:96:9b:
38:ec:43:dc:dd:4c:e3:14:50:6d:65:15:7b:bd:1b:f6:24:13:
eb:83:9b:0b:33:40:73:6f:db:a9:b4:19:38:97:9e:7f:6d:9d:
e0:46:30:83:5b:d2:17:cb:d3:86:95:96:40:cf:f7:76:68:ce:
4c:e1:e7:fc:3a:5c:59:eb:f5:c6:ab:ec:6e:16:23:b3:ce:1f:
b2:a5:c1:a4:ab:10:11:da:9a:2e:25:b0:ce:f9:69:6f:df:0d:
b7:e6:ac:eb:4e:cc:4e:21:50:73:a3:00:93:44:e7:20:50:33:
23:c6:5a:79:8c:94:b8:91:c4:c4:bb:ee:03:d5:3e:32:c2:4f:
6d:14:55:3e:b6:e0:ac:25:e0:95:72:7f:17:50:92:19:f2:39:
6d:02:e1:58:9b:22:8f:18:cb:a0:c4:1e:ae:11:c7:4d:44:fe:
2c:9c:23:48:82:85:ad:98:58:fc:b3:23:f3:6d:bb:4c:76:2f:
05:44:f2:3e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUIzMTAxMTAvBgNVBAUTKEUzMTY2Nzk2MDQ4MENGMDdFM0MyMkQ3OTBERTRFMjAx
RUY3MDQwREIwHhcNMjUwMzE5MDI0ODM0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RhMzA4Mi0xZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsk+6TGObfV5n98XyiWfB9SByT9U4GaLNPBKu6NTUKezSC3b80g/G1p+6kRm+
CFS4y4R+d6qTpkhRRz2rKMtBCYtEDiSEnixHVlxZLz/DzU1pJAEWziRDOx3RI5q1
SHVY2tfRgQszNO4Xt1O1hOjLTzztH9T8pr/Ap50Z6t71VDcTJw58VGHPnzA4i19/
YvRVA/rtnimwDGzHxV2ypIoh1X+dE01H6YPjgGdhuz3gDP6k5qUz3ESxiFzPSWfF
dwM1IA2WFkkN0tmGcrqrFSquj6CcmtFBfDBAqkigZqHymWoImyiKW7Zayk8sQqMJ
bQI5K6kgae/mBrSdlTF2laBdXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIGfQM8b
WrtJx8qitfYG2/7CWCahMB8GA1UdIwQYMBaAFOMWZ5YEgM8H48IteQ3k4gHvcEDb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjMxMC8zRUJEMTdDMkFE
MTAxMUVEODU0QTNFMURDNEY5QUUwMi80eFpubGdTQXp3Zmp3aTE1RGVUaUFlOXdR
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR4Wm5sZ1NBendmandpMTVEZVRpQWU5d1FOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUIzMTAvM0VCRDE3QzJBRDEwMTFFRDg1NEEzRTFEQzRGOUFFMDIvQjEzMzVGMUFD
NTZBMTFFRDlDMzA1QTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnVDswDQYJKoZIhvcNAQELBQADggEBACz385dKMkxi2Yik
ZDxw10WLfAhT4fFG/AO8q+zfYHqTN+T6l45JsawAzetAR8s8YfbMe2/qJpUjeFJB
USjTGpr/7UMc0JuWmzjsQ9zdTOMUUG1lFXu9G/YkE+uDmwszQHNv26m0GTiXnn9t
neBGMINb0hfL04aVlkDP93Zozkzh5/w6XFnr9car7G4WI7POH7KlwaSrEBHami4l
sM75aW/fDbfmrOtOzE4hUHOjAJNE5yBQMyPGWnmMlLiRxMS77gPVPjLCT20UVT62
4Kwl4JVyfxdQkhnyOW0C4VibIo8Yy6DEHq4Rx01E/iycI0iCha2YWPyzI/Ntu0x2
LwVE8j4=
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:26:54 2025 by rpki-client